[tor-bugs] #6359 [Applications/TorBirdy]: make use of stream isolation
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Dec 8 16:11:20 UTC 2016
#6359: make use of stream isolation
-----------------------------------+-------------------------
Reporter: proper | Owner: ioerror
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Applications/TorBirdy | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-----------------------------------+-------------------------
Changes (by lunar):
* status: reopened => new
Old description:
> TorBirdy should not use the same circuit that any other torified
> applications may use. Streams should get isolated.
New description:
TorBirdy should not use the same circuit that any other torified
applications may use. Streams should get isolated.
A different circuit should also be used for each account, similar to what
Tor Browser does when isolating different domains.
--
Comment:
Tor Browser now uses SOCKS username/password to use different circuits for
each domain. Does Thunderbird now support using SOCKS username password as
well? Would it be complicated to get a different circuit for each account
now that it's a reality?
One corner case to be aware of is POP before SMTP. I don't know if these
kind of setups are still in use, but they were popular at some point. It
would probably be best if the same circuit can be used in such a case, as
I believe some implementation would ensure that the same IP is in use for
both POP and subsequent SMTP. This is still a minor use case and should
not block getting proper isolation between accounts.
Thanks!
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6359#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list